gsd - gsd-2012-3864

gsd-2012-3864

Vulnerability from gsd

Modified

2023-12-13 01:20

Details

Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user's certificate and private key in a GET request.

Aliases

CVE-2012-3864

Aliases

CVE-2012-3864

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2012-3864",
    "description": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request.",
    "id": "GSD-2012-3864",
    "references": [
      "https://www.suse.com/security/cve/CVE-2012-3864.html",
      "https://www.debian.org/security/2012/dsa-2511",
      "https://access.redhat.com/errata/RHSA-2012:1542",
      "https://alas.aws.amazon.com/cve/html/CVE-2012-3864.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2012-3864"
      ],
      "details": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request.",
      "id": "GSD-2012-3864",
      "modified": "2023-12-13T01:20:20.289482Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2012-3864",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "SUSE-SU-2012:0983",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html"
          },
          {
            "name": "http://puppetlabs.com/security/cve/cve-2012-3864/",
            "refsource": "CONFIRM",
            "url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
          },
          {
            "name": "DSA-2511",
            "refsource": "DEBIAN",
            "url": "http://www.debian.org/security/2012/dsa-2511"
          },
          {
            "name": "USN-1506-1",
            "refsource": "UBUNTU",
            "url": "http://www.ubuntu.com/usn/USN-1506-1"
          },
          {
            "name": "50014",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/50014"
          },
          {
            "name": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4",
            "refsource": "CONFIRM",
            "url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4"
          },
          {
            "name": "openSUSE-SU-2012:0891",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=839130",
            "refsource": "CONFIRM",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
          },
          {
            "name": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87",
            "refsource": "CONFIRM",
            "url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.6.16",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppetlabs:puppet:2.7.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.16:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.6.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.12:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet:2.7.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:puppet:puppet_enterprise:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "2.5.1",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-3864"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87"
            },
            {
              "name": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4",
              "refsource": "CONFIRM",
              "tags": [
                "Exploit",
                "Patch"
              ],
              "url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=839130",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
            },
            {
              "name": "http://puppetlabs.com/security/cve/cve-2012-3864/",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
            },
            {
              "name": "SUSE-SU-2012:0983",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html"
            },
            {
              "name": "DSA-2511",
              "refsource": "DEBIAN",
              "tags": [],
              "url": "http://www.debian.org/security/2012/dsa-2511"
            },
            {
              "name": "USN-1506-1",
              "refsource": "UBUNTU",
              "tags": [],
              "url": "http://www.ubuntu.com/usn/USN-1506-1"
            },
            {
              "name": "50014",
              "refsource": "SECUNIA",
              "tags": [],
              "url": "http://secunia.com/advisories/50014"
            },
            {
              "name": "openSUSE-SU-2012:0891",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "NONE",
            "baseScore": 4.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2019-07-10T18:02Z",
      "publishedDate": "2012-08-06T16:55Z"
    }
  }
}

cve-2012-3864

Vulnerability from cvelistv5

Published

2012-08-06 16:00

Modified

2024-08-06 20:21

Severity ?

Summary

References

▼	URL	Tags
	http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html	vendor-advisory, x_refsource_SUSE
	http://puppetlabs.com/security/cve/cve-2012-3864/	x_refsource_CONFIRM
	http://www.debian.org/security/2012/dsa-2511	vendor-advisory, x_refsource_DEBIAN
	http://www.ubuntu.com/usn/USN-1506-1	vendor-advisory, x_refsource_UBUNTU
	http://secunia.com/advisories/50014	third-party-advisory, x_refsource_SECUNIA
	https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html	vendor-advisory, x_refsource_SUSE
	https://bugzilla.redhat.com/show_bug.cgi?id=839130	x_refsource_CONFIRM
	https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87	x_refsource_CONFIRM

Impacted products

▼	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T20:21:04.064Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "SUSE-SU-2012:0983",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
          },
          {
            "name": "DSA-2511",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2012/dsa-2511"
          },
          {
            "name": "USN-1506-1",
            "tags": [
              "vendor-advisory",
              "x_refsource_UBUNTU",
              "x_transferred"
            ],
            "url": "http://www.ubuntu.com/usn/USN-1506-1"
          },
          {
            "name": "50014",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/50014"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4"
          },
          {
            "name": "openSUSE-SU-2012:0891",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2012-07-11T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2014-10-08T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "SUSE-SU-2012:0983",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
        },
        {
          "name": "DSA-2511",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2012/dsa-2511"
        },
        {
          "name": "USN-1506-1",
          "tags": [
            "vendor-advisory",
            "x_refsource_UBUNTU"
          ],
          "url": "http://www.ubuntu.com/usn/USN-1506-1"
        },
        {
          "name": "50014",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/50014"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4"
        },
        {
          "name": "openSUSE-SU-2012:0891",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2012-3864",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Puppet before 2.6.17 and 2.7.x before 2.7.18, and Puppet Enterprise before 2.5.2, allows remote authenticated users to read arbitrary files on the puppet master server by leveraging an arbitrary user\u0027s certificate and private key in a GET request."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "SUSE-SU-2012:0983",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2012-08/msg00006.html"
            },
            {
              "name": "http://puppetlabs.com/security/cve/cve-2012-3864/",
              "refsource": "CONFIRM",
              "url": "http://puppetlabs.com/security/cve/cve-2012-3864/"
            },
            {
              "name": "DSA-2511",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2012/dsa-2511"
            },
            {
              "name": "USN-1506-1",
              "refsource": "UBUNTU",
              "url": "http://www.ubuntu.com/usn/USN-1506-1"
            },
            {
              "name": "50014",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/50014"
            },
            {
              "name": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4",
              "refsource": "CONFIRM",
              "url": "https://github.com/puppetlabs/puppet/commit/10f6cb8969b4d5a933b333ecb01ce3696b1d57d4"
            },
            {
              "name": "openSUSE-SU-2012:0891",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2012-07/msg00036.html"
            },
            {
              "name": "https://bugzilla.redhat.com/show_bug.cgi?id=839130",
              "refsource": "CONFIRM",
              "url": "https://bugzilla.redhat.com/show_bug.cgi?id=839130"
            },
            {
              "name": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87",
              "refsource": "CONFIRM",
              "url": "https://github.com/puppetlabs/puppet/commit/c3c7462e4066bf3a563987a402bf3ddf278bcd87"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2012-3864",
    "datePublished": "2012-08-06T16:00:00",
    "dateReserved": "2012-07-06T00:00:00",
    "dateUpdated": "2024-08-06T20:21:04.064Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted